Field
The present disclosure relates generally to apparatuses and methods for improved mobility procedures involving mobility management entity (MME) relocation.
Background
A current cellular network architecture, shown in FIG. 1, uses a mobility management entity (MME) 110 to implement procedures for controlling access to the cellular network by a user equipment (UE) 120. Typically, the MME is owned and operated by a network service provider (system operator) as a core network element, and is located in a secure location controlled by the network service provider. The core network 100 has a control plane including a Home Subscriber Server (HSS) 130 and the MME, and a user plane including a Packet Data Network (PDN) Gateway (PGW) 140 and a Serving Gateway (SGW) 150. The MME is connected to an evolved Node B (eNodeB) 160. The eNodeB provides radio interfaces, RRC 180 and PDCP/RLC 190, with the UE.
In future cellular network architectures, it is envisioned that the MMEs 110, or network components that perform many of the functions of the MMEs 110, will be pushed out towards the network edge, where they are less secure because they are physically more accessible and/or are not isolated from other network operators. As network functions are moved to, for example, the cloud (e.g., the internet), it may not be assumed that they are secure, because they may have a lower level of physical isolation, or no physical isolation. Further, network equipment may not be owned by a single network service provider. As an example, multiple MME instances may be hosted within a single physical hardware device. As a result, the keys sent to the MMEs may need refreshing more frequently, and hence it may not be advisable to forward the authentication vectors (AVs) to the MMEs.
There is a need for improved apparatuses and methods that provide additional security for the cellular network architectures of the future where MME functions are performed close to the network edge.